Why Hackers Love Your Apps; Blue Pill threat dead?...That's wishful thinking

Security News Alert This newsletter is sponsored by Juniper Networks The Pervasive Network Access Voyage by Enterprise Strategy Group (ESG) This white paper by analyst Jon Oltsik from the Enterprise Strategy Group (ESG) describes the multitude of benefits associated with providing network access to various users in the distributed enterprise. However, this access comes with a price. The more endpoints and users that access the network, the more dangerous the network neighborhood becomes. Somehow, enterprises must strike a balance between network access and security for internal and external users as soon as possible. Network World's Security News Alert, 08/09/07 Podcast: Why Hackers Love Your Apps, 08/08/07: Custom-made applications are riddled with holes that hackers are discovering with glee. IT departments are spending too much time patching operating systems and not enough time looking for threats in their applications. Jack Danahy from Ounce Labs talks to Jason Meserve about who's responsible and what can be done to shore up custom-code from a hacker attack. Los Alamos nuclear lab loses more data, 08/07/07: The error-prone Los Alamos Nuclear Laboratory has inadvertently released highly classified nuclear weapons material again, this time by e-mail. Blue Pill threat dead? … That's wishful thinking, 08/08/07: Joanna Rutkowska, the renowned rootkit researcher at Invisible Things Lab based in Poland, has ignited keen interest in virtualization-based malware with her creation called Blue Pill. Last year at the Black Hat conference she gave a presentation on Blue Pill, and at last week’s Black Hat 2007, she announced she is making the New Blue Pill, which, among other things, can run tens of Blue Pills inside each other, available for research purposes. Network World Security Buyers Guide Find the right security products for your enterprise - fast. From anti-spam to wireless LAN security, our Buyers Guides have detailed information on hundreds of products in more than 20 categories. With the side-by-side comparison tool you can evaluate product features to make the best decision for your enterprise. Click here to go to the Security Buyers Guide now. VPNs still show basic flaws, says study, 08/07/07: A penetration test of U.K. corporate VPNs has offered decidedly mixed news on security. Laptop of VeriSign employee stolen, 08/07/07: A laptop containing the personal information of VeriSign's current and former employees was stolen from an employee's car last month, the company confirmed Tuesday. U.C. researchers: Take antispam fight to the Web, 08/07/07: According to researchers at the University of California, San Diego, antispam fighters could really hurt the spammers bottom line, if they target the Web sites used to host their scams rather than simply trying to block the mail server used to send out unsolicited commercial e-mail. Aladdin's eSafe upgraded to halt proxy menace, 08/07/07: Security vendor Aladdin Knowledge Systems has added an element to its eSafe secure Web gateway that it claims can block the operation of 'anonymous' proxies. What's the best bargain on enterprise network products you've ever gotten? Bought a bunch of Cisco routers for a song? Nabbed Windows Vista (legally) for a great price? We know people love to brag about saving money. Here's your chance to show your peers just how smart or lucky you've been. And if there are lessons to be learned here, all the better. We plan to write a story based on the best stuff. Join the discussion.

TODAY'S MOST-READ STORIES: 1. Storm Worm's virulence may change tactics 2. U.C. researchers: Take antispam fight to Web 3. Kittens could solve spam 4. How far could cyber war go? 5. 802.11n WLAN tests show 'unbelievable' results 6. Cisco founder unveils the Next Big Thing? 7. iPhone lawsuit filed by doctor convicted of fraud 8. Cisco beats Q4 earnings expectations 9. Fujitsu links biometrics with Novell’s eDirectory 10. Do Not Call Registry gets wake-up call MOST-READ REVIEW: NAC alternatives hit the mark

Contact the author: Senior Editor Ellen Messmer covers security for Network World. E-mail Ellen. This newsletter is sponsored by Juniper Networks The Pervasive Network Access Voyage by Enterprise Strategy Group (ESG) This white paper by analyst Jon Oltsik from the Enterprise Strategy Group (ESG) describes the multitude of benefits associated with providing network access to various users in the distributed enterprise. However, this access comes with a price. The more endpoints and users that access the network, the more dangerous the network neighborhood becomes. Somehow, enterprises must strike a balance between network access and security for internal and external users as soon as possible. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007